[BUG] Claude 2.1.71 Security False Positives
Preflight Checklist
- [x] I have searched existing issues and this hasn't been reported yet
- [x] This is a single bug report (please file separate reports for different bugs)
- [x] I am using the latest version of Claude Code
What's Wrong?
The changelog for 2.1.71 said it "Fixed false-positive permission prompts for compound bash commands containing heredoc commit messages", however I am always getting these warnings for bash commands. This is a new bug for 2.1.71 as similar issues were for earlier versions and supposedly fixed in 2.1.71.
The warnings I am getting are " Command contains consecutive quote characters at word start
(potential obfuscation) " for bash commands.
What Should Happen?
I'm not sure. These warnings never appeared for me before the 'fix'. If Claude is the one constructing the commands, it should know it is safe to run, regardless of quotes.
Error Messages/Logs
Command contains consecutive quote characters at word start (potential obfuscation)
Example:
cat > /tmp/check_amzn5.py << 'EOF'
import sys
sys.path.insert(0, '/home/chris/miniconda3/envs/tf/sec_
structured_project')
from taxonomy_loader import load_taxonomy
import sqlite3
calc_map, _, _, _, _ = load_taxonomy()
def get_descendants(root, calc_map, visited=None):
if visited is None: visited = set()
for child, _ in calc_map.get(root, []):
if child not in visited:
visited.add(child)
get_descendants(child, calc_map, visited)
return visited
cor_desc = get_descendants('CostOfRevenue', calc_map)
con = sqlite3.connect('/home/chris/miniconda3/envs/tf/s
ec_structured_project/sec_viewer.db')
# Check the MOST RECENT 10-K for Amazon (2024)
adsh = '0001018724-25-000004'
# Get ALL qtrs=4 tags filed for this adsh
rows = con.execute("""
SELECT n.tag, n.value/1e9 as val_B, n.ddate
FROM num n
WHERE n.adsh=? AND n.qtrs=4 AND n.uom='USD'
AND n.segments IS NULL AND n.coreg IS NULL
ORDER BY abs(n.value) DESC LIMIT 50
""", (adsh,)).fetchall()
print("Top 50 IS tags for Amazon 2024 10-K:")
for t, v, d in rows:
in_cor = t in cor_desc or t == 'CostOfRevenue'
print(f" {'[COR]' if in_cor else ' '} {t}:
${v:.3f}B ({d})")
EOF
conda run -n tf python /tmp/check_amzn5.py
List all IS tags for Amazon 2024 10-K
Command contains consecutive quote characters at word start
(potential obfuscation)
Do you want to proceed?
❯ 1. Yes
2. No
Steps to Reproduce
- Open claude code in Visual Code, WSL2 in conda enironment.
- Ask it to plan or do something
- Bash commands ultimately used, and nearly always produce a warning " Command contains consecutive quote characters at word start
(potential obfuscation) " and "Do you want to proceed"?
Claude Model
Sonnet (default)
Is this a regression?
Yes, this worked in a previous version
Last Working Version
2.1.63
Claude Code Version
2.1.71
Platform
Anthropic API
Operating System
Ubuntu/Debian Linux
Terminal/Shell
WSL (Windows Subsystem for Linux)
Additional Information
<img width="437" height="752" alt="Image" src="https://github.com/user-attachments/assets/c81f7e61-039f-41e0-95db-c4c8290235b8" />
<img width="623" height="207" alt="Image" src="https://github.com/user-attachments/assets/153a09d2-168e-49d5-8c90-2516587d7d17" />
This issue has 7 comments on GitHub. Read the full discussion on GitHub ↗